Vendor: AutoIndex PHP Script
CVSS: 7.5 (HIGH)
Type: Remote Denial-of-Service
CWE: 20
Product Name: AutoIndex PHP Script
Affected Version From: 2.2.2
Affected Version To: 2.2.3
Patch Exists: NO

AutoIndex PHP Script Remote Denial-of-Service Vulnerability

The AutoIndex PHP Script is vulnerable to a remote denial-of-service vulnerability due to improper handling of unexpected input. An attacker can exploit this vulnerability by sending a specially crafted request to the affected application. Successful exploitation of this vulnerability can result in excessive consumption of CPU resources, potentially leading to a denial-of-service condition.

Mitigation:

The vendor has not provided a patch or mitigation for this vulnerability. It is recommended to restrict access to the affected application or implement a web application firewall to filter out malicious requests.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/26410/info

AutoIndex PHP Script is prone to a remote denial-of-service vulnerability because the application fails to properly handle unexpected input.

Successfully exploiting this issue allows remote attackers to consume excessive CPU resources, potentially denying service to legitimate users.

AutoIndex PHP Script 2.2.2 and 2.2.3 are vulnerable to this issue; prior versions may also be affected.

http://www.example.com/AutoIndex/index.php?dir=%00
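
Since no patch exists, one way to find this request pattern in web server logs is sketched below. It is an added example, not part of the original advisory or of AutoIndex. It assumes a combined-format access log, and the sample log lines are constructed. The page shows only the `%00` value; flagging other control bytes and repeated percent-encoding in `dir` is a conservative choice made for this example.

```python
import re
from urllib.parse import urlsplit, unquote_to_bytes

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
CONTROL_BYTES = re.compile(rb"[\x00-\x1f\x7f]")
MAX_DECODE_ROUNDS = 3  # bounded, so hostile input cannot keep the scanner busy


def fully_decode(raw: str) -> bytes:
    """Percent-decode repeatedly (bounded) so %2500 is recognised as a NUL too."""
    data = raw.encode("latin-1", "replace")
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote_to_bytes(data)
        if decoded == data:
            break
        data = decoded
    return data


def suspicious_dir_value(target: str):
    """Return the decoded `dir` value if it contains control bytes, else None."""
    for pair in urlsplit(target).query.split("&"):
        name, _, value = pair.partition("=")
        if fully_decode(name) == b"dir":
            decoded = fully_decode(value)
            if CONTROL_BYTES.search(decoded):
                return decoded
    return None


def scan(lines):
    """Return (client_ip, request_target) for every line with a hostile `dir`."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if m and suspicious_dir_value(m.group("target")) is not None:
            hits.append((m.group("ip"), m.group("target")))
    return hits


# Constructed sample entries (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Nov/2007:10:01:02 +0000] "GET /AutoIndex/index.php?dir=docs%2Freports HTTP/1.1" 200 5120',
    '198.51.100.7 - - [12/Nov/2007:10:01:05 +0000] "GET /AutoIndex/index.php?dir=%00 HTTP/1.1" 200 0',
    '198.51.100.7 - - [12/Nov/2007:10:01:06 +0000] "GET /AutoIndex/index.php?sort=name&dir=%2500 HTTP/1.1" 200 0',
    '203.0.113.4 - - [12/Nov/2007:10:02:00 +0000] "GET /AutoIndex/index.php?dir=music HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for ip, target in scan(SAMPLE_LOG):
        print(f"suspicious dir parameter from {ip}: {target}")
```

The same check on the `dir` parameter can serve as the basis for a reverse-proxy or WAF rule that rejects the request before it reaches the script.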